package samsung.sds.systemMonitor.userOperationMonitor.handler;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import samsung.sds.roleManagement.service.RoleManagementService;
import samsung.sds.systemMonitor.userOperationMonitor.model.MonitorOperationEntity;
import samsung.sds.systemMonitor.userOperationMonitor.model.MonitorUserBaseInfo;
import samsung.sds.systemMonitor.userOperationMonitor.service.UserOperationMonitorService;
import samsung.sds.systemMonitor.userOperationMonitor.utils.Constants;

/**
 * 
 * 登入成功处理类
 * 
 * @author lixin.qiu
 * @createDate 2016-02-22
 */
public class SuccessLoginHandler implements AuthenticationSuccessHandler {

	@Autowired
	private UserOperationMonitorService userOperationMonitorServiceImpl;
	
	@Autowired
	private RoleManagementService roleManagementServiceImpl;

	// 存放在线的用户名
	private List<String> inlineUserNames = new ArrayList<String>();

	/**
	 * 重写登录成功的处理方法
	 */
	@Override
	public void onAuthenticationSuccess(HttpServletRequest request,
			HttpServletResponse response, Authentication authentication)
			throws IOException, ServletException {
		
		//从request里取得登录用户的信息
		MonitorOperationEntity monitorOperationEntity = MonitorUserBaseInfo
				.getMonitorOperationInfo(request);
		UserDetails userDetails = (UserDetails) authentication.getPrincipal();
		monitorOperationEntity.setCreateUser(userDetails.getUsername());
		monitorOperationEntity.setOpType(Constants.SUCCESS_LOGIN);
		
		ServletContext servletContext = request.getSession()
				.getServletContext();
		//登录用户名的session已经存在,则清除掉
		HttpSession session = (HttpSession) servletContext
				.getAttribute(userDetails.getUsername());
		if (session != null) {
			session.invalidate();
		}
		
		//将用户名对应的session存放到servletContext
		servletContext.setAttribute(userDetails.getUsername(),
				request.getSession());
		servletContext.setAttribute(request.getSession().getId(),
				monitorOperationEntity);
		servletContext.setAttribute("UserOperationMonitorService",
				userOperationMonitorServiceImpl);
		//将当前登录的用户存放到List集合里
		inlineUserNames.add(userDetails.getUsername());
		servletContext.setAttribute("INLINE_USERNAMES", inlineUserNames);
		//插入登陆用户的角色信息
		List<String> userRoleList = roleManagementServiceImpl.getUserRoleByUserName(userDetails.getUsername());
		request.getSession().setAttribute(userDetails.getUsername(), userRoleList);
		//插入登录日志
		userOperationMonitorServiceImpl.insertEntity(monitorOperationEntity);
		response.sendRedirect(request.getContextPath() + "/index.do");
	}

}
